Set cookies with Spring Boot

Basic

You just have to define a bean that returns a ServletContextInitializer.

Write the following code in an appropriate Application class

Applcation.java




    @Bean
    public ServletContextInitializer servletContextInitializer(@Value("${secure.cookie}")boolean secure) {
        return servletContext -> {
            servletContext.getSessionCookieConfig().setName("hogeSession");
        };
    }

set to httponly

python



        return servletContext -> {
            servletContext.getSessionCookieConfig().setHttpOnly(true);
        };

Add secure attribute


        return servletContext -> {
            servletContext.getSessionCookieConfig().setSecure(true);
        }

It may be a hindrance when developing locally, so it may be more convenient to get it from properties and set it to true in the prod setting.

    @Bean
    public ServletContextInitializer servletContextInitializer(@Value("${secure.cookie}")boolean secure) {
        return servletContext -> {
            servletContext.getSessionCookieConfig().setSecure(true);
        };
    }

Do not give JSESSIONID to URL

If cookies are not available, you will try to manage the session with the URL, which should be avoided. Even if cookies can be used, the JESSION ID will be given to the URL only for the first access. Since Spring Boot uses Servlet 3.0, you can narrow down to cookies only by setting Session Tracking Mode.



        return servletContext -> {
            servletContext.setSessionTrackingModes(Collections.singleton(SessionTrackingMode.COOKIE);
        };

This is synonymous with the following settings in web.xml.



<session-config>
  <tracking-mode>COOKIE</tracking-mode>
</session-config>

Summary

If you set these together, it will look like this



    @Bean
    public ServletContextInitializer servletContextInitializer(@Value("${secure.cookie}")boolean secure) {

        ServletContextInitializer servletContextInitializer = new ServletContextInitializer() {
            @Override
            public void onStartup(ServletContext servletContext) throws ServletException {
                servletContext.getSessionCookieConfig().setHttpOnly(true);
                servletContext.getSessionCookieConfig().setSecure(secure);
                servletContext.setSessionTrackingModes(
                        Collections.singleton(SessionTrackingMode.COOKIE)
                );
            }
        };
        return servletContextInitializer;
    }

reference https://www.glamenv-septzen.net/view/1093

Recommended Posts

Set cookies with Spring Boot
Download with Spring Boot
Generate barcode with Spring Boot
Hello World with Spring Boot
Implement GraphQL with Spring Boot
Get started with Spring boot
Run LIFF with Spring Boot
SNS login with Spring Boot
File upload with Spring Boot
Spring Boot starting with copy
Hello World with Spring Boot
Use Spring JDBC with Spring Boot
Add module with Spring Boot
Getting Started with Spring Boot
Create microservices with Spring Boot
Send email with spring boot
Create an app with Spring Boot 2
Database linkage with doma2 (Spring boot)
How to set Spring Boot + PostgreSQL
Spring Boot programming with VS Code
Until "Hello World" with Spring Boot
Get validation results with Spring Boot
(Intellij) Hello World with Spring Boot
Create an app with Spring Boot
Google Cloud Platform with Spring Boot 2.0.0
Check date correlation with Spring Boot
I tried GraphQL with Spring Boot
[Java] LINE integration with Spring Boot
Beginning with Spring Boot 0. Use Spring CLI
I tried Flyway with Spring Boot
Message cooperation started with Spring Boot
Spring Boot gradle build with Docker
Processing at application startup with Spring Boot
Set Spring profile when executing bootRun task with Spring Boot Gradle Plugin
Hello World with Eclipse + Spring Boot + Maven
Send regular notifications with LineNotify + Spring Boot
Perform transaction confirmation test with Spring Boot
Try using Spring Boot with VS Code
Start web application development with Spring Boot
Launch Nginx + Spring Boot application with docker-compose
Spring Boot Form
Implement CRUD with Spring Boot + Thymeleaf + MySQL
Asynchronous processing with Spring Boot using @Async
Implement paging function with Spring Boot + Thymeleaf
Spring Boot Memorandum
gae + spring boot
(IntelliJ + gradle) Hello World with Spring Boot
Use cache with EhCashe 2.x with Spring Boot
Form class validation test with Spring Boot
Run WEB application with Spring Boot + Thymeleaf
Achieve BASIC authentication with Spring Boot + Spring Security
Spring Boot environment construction with Docker (January 2021 version)
Create a website with Spring Boot + Gradle (jdk1.8.x)
Configure Spring Boot application with maven multi module
Test controller with Mock MVC in Spring Boot
Asynchronous processing with regular execution in Spring Boot
Until data acquisition with Spring Boot + MyBatis + PostgreSQL
Create a simple search app with Spring Boot
Hash passwords with Spring Boot + Spring Security (with salt, with stretching)
How to use MyBatis2 (iBatis) with Spring Boot 1.4 (Spring 4)
Run Scala applications with Spring Boot through Gradle